Slashdot Mirror


User: pjrc

pjrc's activity in the archive.

Stories: 0
Comments: 1,197

Comments · 1,197

  1. Re:There certainly was a point. on Windows 2000 Gets Common Criteria Certification · · Score: 2
    It meant plenty; people just misunderstood what C2 meant.

    Microsoft's marketing department and their press releases sure didn't help. They were all too happy to misrepresent it to mean that NT was somehow "military strength" security (whatever that means).

  2. Re: Stupidity on Windows 2000 Gets Common Criteria Certification · · Score: 2
    Win2k with SP3 got an ISO certification for achieving a certain level of security. This is where the news ends.

    Yes, and where the editorial begins....

    Looking back at NT's history, Microsoft made a lot of noise about POSIX certification and a "C2" security certification. In both cases, the purely objective news ended with the fact that they obtained these certifications. In both cases, purely objective reporting would lead the poor reader to believe that NT 3.51 was compatible with unix applications and was highly secure.

    It later became well known that the C2 security was for a very limited system without a network interface and without even a floppy drive (and even then there were some very serious questions about it). Much can also be said of how useless the POSIX subsystem was. The true story in both cases was in the editorial... "yes, it's certified, but that means nothing because [insert reasons]".

    Sadly, there doesn't seem to be much well informed editorial yet. Maybe it's lurking waiting to be mod'd up? Maybe in several days or weeks ugly truths will come out? Those conjectures are based on Microsoft's previous use of (useless) certifications as a marketing tool, and their very poor record on security. Can those previous mis-representations of certifications be considered propaganda (yes, according to dictionary.com it doesn't even matter if the info is false, misleading, or honest... though the common usage of the word implies some misrepresentation which is exactly what Microsoft did in the past with their meaningless POSIX and C2 certs). Still, it may turn out that this certification really is meaningful (but that's not how I'd wager in a bet).

    Correct me on this, but I don't remember Linux getting an ISO certification about anything.

    http://www.ukuug.org/sigs/linux/newsletter/linux@uk21/posix.shtml

  3. Re:Big Mistake on Yahoo Moving to PHP · · Score: 2
    The part I like the best is the quote:

    Users should be able to move all of their business logic written in Cobol and significant portions of their other Cobol code directly to the .Net environment without the need to rewrite the code, so long as they haven't targeted any special or proprietary application programming interfaces, Billman said.

  4. Re:Java is not suitable for Web stuff on Yahoo Moving to PHP · · Score: 2
    Ok, reading your message trying to figure out which language(s) you're endorsing:
    And I HATE Perl

    I hate Java more.

    PHP's not Perl, though. I'm not thrilled with it as a language.

    I hate Microsoft even more than Larry Wall

    ASP with JavaScript is not a bad way to do web pages .... Too bad it's a Microsoft product. But you take it as it comes, eh?

    What a fresh departure from [my favorite language] is the best. Looks like you just hate everything. I'd mod you up if I had the points!

  5. Re: Secure the software! Don't pass the laws! on Direct Marketers Association Asks To Be Regulated · · Score: 3, Insightful
    The word "forged" does not fit in the phrase "forged headers." I believe a better word is "modified."

    When the very first transmission of the message begins at the spammer's system with "From:" and "To:" headers that are intentionally incorrect, how can you possibly consider that to be "modified"?

    Worse yet, spammers regularly include "Received:" headers in the very first transmission of the message, to make it appear that it actually originated somewhere else and the system they used to transmit it was actually relaying it instead of acting as the original source. Indeed each system that processes the email adds its own "Received:" header, thereby modifying the message..... but the original transmission from the spammer that has "Received:" headers can't be considered modified, since it was created there.

    Words like "forgery", "fraudulent" and "counterfeit" apply to the case where the original message contained intentionally incorrect headers to disguise the origin of the message, to whom it was sent, and who sent it. The word "modified" includes the concept that the message was originally something different, but when spammers spew messages, they ORIGINATE with intentionally incorrect headers.

  6. Re: No CD was key for me... on The Rise Of Counter-Strike · · Score: 2
    What?! They're doing a Linux version? Server only, or client? Any time frame for this?

    Bioware released the linux server at or very close to the initial release of the game in stores.

    This Linux client status page has screenshots and gets updates about their progress. They're not promising an exact date, but they've said "Fall" and "later this year" several times.

    Slashdot ran several stories about NwN on linux a few months ago.

  7. Re: No CD was key for me... on The Rise Of Counter-Strike · · Score: 2
    Why not use Daemon-Tools

    The recent revisions of Neverwinter Nights can detect daemon-tools and they won't even start if it is installed (even if the real cdrom is in a real drive).

    I've seen cracks for NWN, and honestly it's just too much trouble until Bioware can finally get the annoying bugs worked out (1.24 seems to have finally fixed most of the crashing bugs, but the henchmen still go hostile unexpectedly sometimes).

    What I'm really wondering is what they'll do for copy protection when/if the linux version is released?

  8. Re:I agree data logging is key. on Use Linux to Reduce Your Power Bill · · Score: 2
    What do you recommend for the home user that wants something like this just for the nerd factor and doesn't have a million bucks to spend?

    There just aren't many products targeted at residential applications, because the money spent on power (within one household) and the opportunity for reducing it just isn't enough to justify buying equipment.

    I suppose we could rip open the kill a watt and try to create an interface for it so we could log its data but still that's not very practical.

    Ask me this question again in 15 months, when my non-compete agreement with Veris is expired. Normally I don't worry too much about that, but this is a power meter, and I spent years at Veris designing power meters.

  9. Re:HVAC. on Use Linux to Reduce Your Power Bill · · Score: 5, Interesting
    Even if this is true, there's a lot of other loads in the building besides the HVAC system.

    I know a story of a company (which I can't mention due to former NDA) that used a system similar to this AcquiSuite. The guy who saw the facilities manager for a large "campus" hired a database consultant to build some scripts to automatically update a "naughty" and "nice" list of the departments who used the most and least power per square foot of their respective areas. He had it automatically send emails to the managers of any sections that wasted a lot of power relative to the other areas.

    Much of their power bill turned out to be for lighting, and by the managers simply telling their people to turn the lights off, their power bill went down considerably. The peer pressure of having the departments compared to each other went a long way towards motivating and sustaining measures to save power.

    So your dad may be right, or he may be wrong about HVAC, but there's a lot of ways to save power besides ripping out your furnace and cooling systems.

    Just to mention another one, I know of a place where they had a large peak demand charge (power companies charge for peak usage as well as consumed kwh on the east coast), and it turned out large machines which melted material with heaters were all "warming up" at the same time. By having the machine operator come in to work an hour earlier and turn the machines on in a sequence they saved thousands on their monthly bill. I heard a similar story of a heat-based machine that caused a large peak because whoever installed the machine went "overkill" on the number of heating elements. They just cut the wires to half the heaters, and the machine took twice as long to warm up (was on a timer anyway in that case) but didn't set a record peak and thus the power bill went way down. In both those cases, they believed their excessive peak demand bills were from actual useful work, but once detailed data was logged it turned out to be from machine startups and they saved lots of money by simply starting the machines up differently.

    So you may not think it's such a great device, but there are a lot of people who've saved a lot of money simply by learning where they were really using power and making simple changes to the way they operated. They would probably not agree with you.

  10. Re:Seems like a good time to mention the kill a wa on Use Linux to Reduce Your Power Bill · · Score: 5, Informative
    I hope this post can explain a bit about what the AcquiSuite is all about.

    I know Steve and the guys behind the AcquiSuite. I designed the Veris Enercept power meter that's shown on their home page. In fact, I can probably take credit for convincing them to go with Linux on x86 a few years ago (they were also seriously considering PSOS on the netsilicon ARM+ethernet hardware). I didn't actually participate in the AcquiSuite though, and I'm not affiliated with them, and I recently left Veris Industries. So take the rest of this comment with a grain of salt... I'm not totally impartial, but I do know quite a bit about the system.

    The AcquiSuite is designed for use in commercial buildings and groups of buildings. It can monitor many power lines, not just one socket. The Veris Enercept meters are typically installed in the breaker boxes that feed major sections or subsystems of a building. These meters are meant for 3-phase power systems in the 20 to 2400 amp range, not single-phase 120 volt, 15 amp residential. The AcquiSuite also interfaces to temperature, humidity and other types of sensors.

    There's three major factors (as I understand):

    1. Data is logged, so you can see when the power was used
    2. It's cost effective to collect the data, as many AcquiSuites can call to a single PPP dial-up account and transmit their data to a server
    3. They've done a lot of work to make it inexpensive to install the AcquiSuite and its related sensors

    One of the key factors is cost... since this thing is supposed to save energy, it needs to be a lot less expensive than what it costs to install.

    Compare to the "Kill A Watt" (which actually offers similar functionality for single-phase 120 volt as the Veris Enercept, but on a LCD instead of RS-485 network). With a simple meter like that, you can look over at it and see the power company is giving the correct voltage, and how much current/power you're using at any particular time. You can see the accumulated consumption, so you could jot that number down every month and see how much the attached load cost you.

    But to be useful in truly saving money, you need to log the data, collect that data, and get an analysis of that data in a timely manner.

    You can go to your conventional power meter, be it the "Kill A Watt", Veris Enercept, or the "glass meter" on the side of your house and read what it says. If you remember what it was last time you read it, say a week ago, you might say "damn, I used a lot of power this week, I'll have to try to do better next week... but how?"

    Now enter the AcquiSuite (or other data logging methods): when you're wondering about your power usage, you visit a website using your browser, and in seconds you have a detailed plot showing how much power you were using throughout the day. It's similar to those bandwidth graphs from MRTG, you see a massive anomaly and say "holy sh*t, what happened the night before last that used so much power"? Or perhaps you see the longer time scale and see that something hogs lots of power every Monday morning. Or perhaps you compare graphs for similar office spaces in different buildings and see that one office uses a lot more power than the others, and perhaps only in the morning.

    This is the sort of information that you really need to find where power is being wasted. And it's the timely fashion that's required to actually do something about it. You can find the janitor who didn't turn the light off, or modify a factory start-up procedure for sequencing those machines properly on Monday morning, or fix the heating system in that one office that's using too much power.

    That is what the AcquiSuite, and systems like it, are all about. They log data on a fine enough time scale from enough locations that you can (hopefully) see those unexpected events that are wasting power and costing money, and you can see them very shortly after they occur, so you can actually go do something about them.

    One of the neat things about the AcquiSuite is its ability to use the internet (linux tcp/ip stack and ppp). It can call an ISP and upload its data to a server, and as I recall it can be set to do this on a schedule with many others, so that a whole bunch of them can share just one dial-up account to send their data. I was told that a lot of people install them on their existing fax line, since it only makes calls infrequently and off of business hours. There were a bunch of other simple but nice features to the AcquiSuite that Steve was telling me about, but they escape me right now. Oh well.

    I hope this has cleared up some of what this is all about. I know a lot of slashdotters see a product and only think of its application in a residential application, mainly their house, apartment, dorm room, etc. This thing is targeted at commercial buildings and groups of buildings.

  11. Re:Why is this good? on Australian Anti-Spammer Wins Court Case · · Score: 2
    Promises are worthless.

    As are deliberate actions that waste ordinary users' time and frustrate their efforts to send and receive legitimate email.

    Spammers and Blacklisters alike cause ordinary users to have trouble with their email. They both unproductively waste ordinary people's time.

    Blacklists are arguably worse than spammers, with the exception of filling inboxes (rare with small spam, common with email worms using large attachments), spam only causes ordinary users to have to delete unwanted messages. Though fewer are affected by blacklists, the DISRUPTION OF SERVICE to ordinary users is much worse. Desirable messages are not delivered, which is far worse than having a desirable message among dozens of unwanted adverts.

  12. Re:Why is this good? on Australian Anti-Spammer Wins Court Case · · Score: 2
    It's kind of like a pizza place that refuses delivery to neighbourhoods known for high levels of violent crime....

    No, it's not like a pizza restaurant at all.

    It's like the postal service. It's like UPS and FedEx.

    It's a matter of sending something to someone with every reasonable expectation that it will in fact be delivered as it should be. And you've already paid (to your ISP, who has paid upstream networks), so why shouldn't your message get to where you are legitimately sending it?

    You don't sit at your computer and somehow cause others to create messages and send them to you at your request. Email works nothing like calling for a pizza to be delivered. The web works like that, but not email. It's called e-MAIL because it's modeled after, yes that's right, normal postal MAIL.

    It is in fact like the postal service refusing to deliver letters and packages to a whole neighborhood because of a few undesirables.

    If the only way to stem the flood of garbage is in a method that keeps out some legitimate traffic, then that's what should be done.

    1. It is not the only way. Many other approaches exist. Other approaches generally do not harm third parties. And speaking in a larger social context about what "should be done", laws regulating spam are also an approach.
    2. Even if blacklists were the only way, interrupting service to innocent and unsuspecting third parties is not acceptable.
    The whole reason spam is such a problem is that it hinders normal legitimate communication. Errant blacklisting has the same evil effect.

    Spam causes frustration with ugly messages, and blacklisting causes frustration for people whose legitimate emails bounce or go undelivered.

    Both spam and blacklists disrupt legitimate email communication and both frustrate normal users.

    ... and finally, (out of the original order), here's what all the blacklist proponents say:

    residents of the neighbourhood who want service should understand the reason for the refusal and either work to remove their crackhouses/spammers or move somewhere else.

    How the hell is anyone supposed to do this with ISPs? You can't easily tell in advance if an ISP is hosting any spammers, and even if you could, you can't know down the road if they will in a few months, a year, or in two years. Companies change owners and management.

    Spammers trick ISPs all the time, and get booted after a short time. The blacklist maintainers (using that word lightly) are "trigger happy". They'll add a massive block of an ISP instantly. I was personally involved in a case a year ago where thousands of IPs (including mine) were blacklisted, and had been blacklisted for many months, all because a spammer operated from a single IP number for about 1 week. The ISP shut them down. The blacklist even had a note with the date that the ISP confirmed the spammer would be removed within 1 week. But did they remove the block? No. I had to send lots of emails and prove the spammer had moved on. I've had a couple other blacklist encounters where the "maintainer" was completely uncooperative and refused to remove the block (even though I could demonstrate that no spammer was currently operating in that network).

    I find it absolutely amazing that anti-spam advocates, who are supposedly fighting to ensure the email is a viable communication medium free from excessive unwanted advertising, are willing to intentionally disrupt service of others. The effect is to weaken the usefulness of email as a system.

    Those who support the notion of blacklists do so only because they are ignorant of the harmful side effects, or they care nothing of implementing a system for the greater good of email in general... only so they can rid their own inboxes of ugly, distasteful messages, at the possible expense of some legitimate ones too.

    Why not just throw the baby out with the bathwater too?

  13. Re: Good grief, where does it end? on Microsoft PR Rep is the Switcher · · Score: 2
    Do you really think we would have the GPL if it weren't for MS? The fact the GPL EXISTS is a testament to the problems with MS and Windows.

    Hell YES, since the GPL was written in the mid 80's, before Windows existed, before Microsoft was a monopoly, and in fact, before PC computers had displaced Apple 2's, C-64's, Amiga, etc, and even before the majority of PCs ran MS-DOS instead of IBM's PC-DOS.

    IBM was a giant then, and Microsoft was tiny.

  14. Re:GTA 3 comparisons? on Retailers Won't Sell New Acclaim Game · · Score: 2
    It's like trying to get people to switch to Linux by lacing nekkid girlie pictures into the kernel

    Hmm.. I wonder how this part of section 3 in the GPL would apply :)

    The source code for a work means the preferred form of the work for making modifications to it.

  15. Re: What a joke on Retailers Won't Sell New Acclaim Game · · Score: 2
    Could somebody with longer time in the US please explain.

    That's exactly it: Explaining.

    Nothing could be more painful for many American parents than having to actually explain sexual activities to their kids.

  16. Re:Why is this good? on Australian Anti-Spammer Wins Court Case · · Score: 2
    Actually, the effect on innocents is intentional. The desire is to blacklist entire IP ranges
    ...
    It may sound unfair, but given that spammers are despicable scum who deserve horrible, painful death, I don't see an easier or more effective means of dealing with ISPs who have the gall to support them.

    So because there is nothing "easier or more effective", that makes it ok to intentionally cause harm to innocent third parties??

    I'm just trying to keep it straight in my mind who are the "despicable scum who deserve horrible, painful death".......... for causing large numbers of users to have a harder time with their email?

  17. font size on Microsoft Tries a "Switch" Campaign · · Score: 2

    Microsoft's "switch" story web page uses a font spec that appears nicely in MSIE, but renders too small on non-windows platforms.

  18. Re:SPEWS on Australian Anti-Spammer Wins Court Case · · Score: 2
    How can someone be wrong from sharing their opinion and then other people agree with it, in this case by using spews's blocklist.

    The answer you're looking for is that it's an infallible system, but that's not the answer you'll get from me. This post ought to be "redundant", but somehow many people still don't know of the pitfalls.

    The most common abuse is that the "opinion" is extended from the IP numbers of the spammers to a large block of IP numbers for the whole ISP that provided access to the spammer. The reasoning for this (usually) is that ISPs won't take action against spammers unless there is some consequence for their inaction, and having all their customers on a blacklist has indeed been effective at coercing ISPs to ban spammers.

    But the cost is that dozens, hundreds, or sometimes even thousands of innocent and unsuspecting domain names experience problems with a portion of their perfectly legitimate email. Many systems that implement the blacklists don't bounce messages with a meaningful explanation that an anti-spam blacklist was used to reject the message, and some don't even send a "mailer daemon" bounce at all. Even worse is that systems that implement the blacklists always allow their users to SEND to sites on the blacklist. The result is that legitimate businesses and organizations can send a legitimate REPLY to a legitimate message they received, because the sender allowed an outgoing message, but rejected its reply.

    The injustice grows exponentially when the decision to trust the blacklist is made by an ISP or large organization, and not the individual end user who won't receive messages due to it. The result is that perfectly legitimate communication between two "third parties" is disrupted, and neither party was involved in the exchange of "opinions".

    So in theory, blacklists collecting and offering opinions sounds so good that nothing could go wrong. Three things can and regularly do go wrong:

    In practice, the "opinions" are regularly expanded to intentionally cover large groups of spammer and non-spam customers alike at an ISP.

    In practice, software implements the blocking badly so that blocked messages don't contain useful messages about the blocking, and in some cases packets are silently dropped. Many inaccurately blocked users don't truly discover the problem for some time, and when they do they are unable to get their legitimate business/organization off the blacklist (they're told to find another ISP... but where is safe?)

    In practice, the decision to trust the opinions is made by an ISP or large organization, not the end user. Sometimes the end user is told they are using an "anti-spam solution" without any disclosure of the adverse effects on some legitimate messages.

    Those are the things that can, and regularly do go wrong.

  19. Re:Pulling a Qt on RMS Weighs In On BitKeeper · · Score: 2
    Can Bitkeeper legitimately impose such license restrictions? Yes, they can - it is their product and they can do whatever they fucking want with it.

    Last time I checked, it seemed like restrictions in EULAs above and beyond the exclusive rights granted by copyright were an unresolved gray area.

    Perhaps that's all changed now... but as I recall there was a push to pass new contract law in all 50 states, but only two bought it and much debate sprung up, and even the FTC got involved to some degree on the side of consumers. Back then, there had been only a small number of cases that actually went to trial, with conflicting results (one consumer-friendly one tossed out resale restrictions, or something like that).

    So you can see my memory is hazy. What did I miss? Other than scare tactics, what basis is there to believe these sorts of EULA restrictions have any validity?? Please, do tell.

  20. Re:"no free licenses for our competition" on RMS Weighs In On BitKeeper · · Score: 2
    This divides the world of open-source developers into two mutually exclusive groups: those who use bitkeeper for kernel development and those who can ever work on free alternatives.

    Or those who will ignore it vs those who will abide by any license term, no matter how unreasonable and unenforceable.

  21. Re:Why Patents are 20 years and copyrights are 95 on Eldred v. Ashcroft Oral Arguments · · Score: 2
    Not being able, however, to create a derivative work of, oh, "Steamboat Willie" doesn't really hurt anybody unless they're so uncreative and obsessed enough to only be capable of churning out SW-based crap.

    Snow White

    Cinderella

    The Little Mermaid

    Pocahontas

    Tarzan

    ... are you starting to notice a pattern here?

  22. Re:Easy fix on Fighting Telemarketers with Technology · · Score: 3, Insightful
    >Okay, I used to program call centers

    Ah. So it's all *your* fault then.

    It's really the fault of all those suckers who buy the damn products. If only they would stop buying, we could all live in peace and quiet at dinner time.

    While I'm ranting, I'd really like to find those bastards who believe email that promises they can get rich quick, magically lose weight, get a loan with bad credit, etc.

    If only we could find and punish this tiny group of people, the rest of us would all benefit.

  23. Re: An OS for all occasions... on Red Hat 8.0 For KDE Users (And Newbies) · · Score: 2
    If you don't have the money to buy new hardware...then I don't know what to tell you.

    But so many others do. Linux (GNU, Gnome, KDE, whatever) has been touted as costing less not only due to the 'free' price, but because it can run on older hardware.

  24. Re:Damn, on Kazaa And Exportation of U.S. Copyright Laws · · Score: 2
    ... how do you shut down something that, in theory, can run on any computer, any port, without making calls to a centralized server, doesn't track transmitted files and can use encrypted communications? That final part invalidates ip-sniffing, and the random ports restricts your port blocking.

    The fact that it "uses encryption" doesn't somehow make it magically undetectable among a stream of packets belonging to other services. The fact that it "uses random ports" doesn't negate the need to somehow, in a well defined manner, initially learn what "random" port number is being used by some host you want to communicate with.

    Anytime you're going to exchange data with a previously unknown host (to you), you're going to have to exchange encryption keys using some well defined protocol, and you're going to need some known-in-advance manner to begin the communication. You can't just begin blasting encrypted data to random port numbers... you first need to find out what port number the remote host is listening on, and you need to exchange keys so it will be able to decrypt your data.

    If someone between you and the remote host foils your key exchange and silently drops those packets you transmitted in an attempt to learn of the remote host in the first place, it's going to put a big chill on your file sharing.

    Or, stated another way....

    You underestimate the POWER of the DARK SIDE.

  25. Typical "question".... on Talk To an Astute IT Industry Observer · · Score: 3, Insightful
    The IT industry is so-and-so, and this-and-that are huge problems, and the internet bubble / economy downturn have caused such-and-such....

    So what do you think?